S4 for Salesforce reviews the configurations of a Salesforce org and identifies flaws.

02Scan Source Code

S4 uses a robust client-side static code analysis engine to create call flows to identify CRUD/FLS flaws. It uses data flow analysis to associate Visualforce components to their associated controllers. This information is then used by a white-box fuzzer to identify injection vulnerabilities.

S4 launches the custom fuzzer in the installed organization and can be scaled out to as many organizations as needed. All code analyzed remains within the organization preserving intellectual property of the code base.

SaaS Security Scannerfor Salesforce

S4Results

01Application Security Report

You don’t need an expert to run S4. With one click, you get an Application Security Report comprised of detailed findings.